Hello again
this last week has been interesting..after looking at the majordomo logs I
found a number of these attacks..they are getting annoying...there has been
some 24 attacks since like Mar 11.
now..as I seen on a list, I had all the mail that would usually go to
majordomo@valinor.eldar.org (valinor.eldar.org is the server where we run
majordomo) also sent to my user account. This has proven interesting. Since
setting this into place, there has been 3 attacks. here is the first of the
recieved lines in those emails (these repersent 2 attacks on/from
mexico.com and 1 on/from aol.com).
Received: from aol.com (inter722.internet.com.mx [207.249.191.152])
by valinor.eldar.org (8.8.8/8.8.5) with SMTP id GAA29712
for <majordomo@valinor.eldar.org>; Sun, 21 Mar 1999 06:42:08 -0500 (EST)
Received: from mexico.com (t5s28.data.net.mx [207.249.173.37])
by valinor.eldar.org (8.8.8/8.8.5) with SMTP id MAA01829
for <majordomo@valinor.eldar.org>; Sun, 21 Mar 1999 12:11:19 -0500 (EST)
Received: from mexico.com (t2s8.data.net.mx [200.13.19.17])
by valinor.eldar.org (8.8.8/8.8.5) with SMTP id NAA03394
for <majordomo@valinor.eldar.org>; Sun, 21 Mar 1999 13:35:18 -0500 (EST)
as for apc.org, I have been in contact with a person from there. From what
they have told me, and from what I have seen, I would say the "from" line
indicates a victom, not the attacker.
I am not an expert on this. I am learning as I go. maybe someone could show
a little more insite?
Benji
-------------------->Benji Spencer<--------------------
spunge@spunge.org http://www.spunge.org
spunge@ripco.com http://www.ripco.com/~spunge
ben@anduin.eldar.org http://www.eldar.org/~ben
** Finger ben@anduin.eldar.org for PGP public key **
------------------->ICQ # 14089998<--------------------
Follow-Ups:
|
|
